In general, information security entails protecting information from heft, loss, and corruption. Internet service providers may implement procedures to prevent phishing attacks and comprised user accounts. Attackers may use social engineering attacks on website users through simple phishing and sophisticated spear phishing attacks. Key stroke logging programs may record a user's login information, leading to a compromised user account. A service provider may implement multiple authentication challenges to verify a user. These authentication challenges may include multiple questions, cookies, etc.